upstream commit

Fix PermitOpen crash; spotted by benno@, ok dtucker@ deraadt@

Upstream-ID: c2cc84ffac070d2e1ff76182c70ca230a387983c

diff --git a/monitor.c b/monitor.c
index bdb4e8552424b07eb8aa3f3682e1b0edcc50ebe1..f517da482ce501f8d4af7ac219e59e553336d90b 100644 (file)
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.173 2017/09/12 06:32:07 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.174 2017/10/02 19:33:20 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -760,10 +760,12 @@ mm_answer_pwnamallow(int sock, Buffer *m)
                for (i = 0; i < options.nx; i++) \
                        buffer_put_cstring(m, options.x[i]); \
        } while (0)
+#define M_CP_STRARRAYOPT_ALLOC(x, nx) M_CP_STRARRAYOPT(x, nx)
        /* See comment in servconf.h */
        COPY_MATCH_STRING_OPTS();
 #undef M_CP_STROPT
 #undef M_CP_STRARRAYOPT
+#undef M_CP_STRARRAYOPT_ALLOC
 
        /* Create valid auth method lists */
        if (auth2_setup_methods_lists(authctxt) != 0) {

diff --git a/monitor_wrap.c b/monitor_wrap.c
index 287af066795e1c2c4904ced7b14eb28f6ffd6377..69212aaf330b58e5d9bf49d3b131c1cfd765579e 100644 (file)
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.93 2017/09/12 06:32:07 djm Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.94 2017/10/02 19:33:20 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -290,10 +290,16 @@ out:
                for (i = 0; i < newopts->nx; i++) \
                        newopts->x[i] = buffer_get_string(&m, NULL); \
        } while (0)
+#define M_CP_STRARRAYOPT_ALLOC(x, nx) do { \
+               newopts->x = newopts->nx == 0 ? \
+                   NULL : xcalloc(newopts->nx, sizeof(*newopts->x)); \
+               M_CP_STRARRAYOPT(x, nx); \
+       } while (0)
        /* See comment in servconf.h */
        COPY_MATCH_STRING_OPTS();
 #undef M_CP_STROPT
 #undef M_CP_STRARRAYOPT
+#undef M_CP_STRARRAYOPT_ALLOC
 
        copy_set_server_options(&options, newopts, 1);
        log_change_level(options.log_level);

diff --git a/servconf.c b/servconf.c
index 16436512e0f67642257e2f56235fceac9b241f24..2c321a4ad4f34024fa975eb7fc21006f7e5a860c 100644 (file)
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.311 2017/09/18 09:41:52 dtucker Exp $ */
+/* $OpenBSD: servconf.c,v 1.312 2017/10/02 19:33:20 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -2063,6 +2063,13 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
                        dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \
        } \
 } while(0)
+#define M_CP_STRARRAYOPT_ALLOC(n, num_n) do { \
+       if (src->num_n != 0) { \
+               dst->n = xcalloc(src->num_n, sizeof(*dst->n)); \
+               M_CP_STRARRAYOPT(n, num_n); \
+               dst->num_n = src->num_n; \
+       } \
+} while(0)
 
        /* See comment in servconf.h */
        COPY_MATCH_STRING_OPTS();
@@ -2093,6 +2100,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
 #undef M_CP_INTOPT
 #undef M_CP_STROPT
 #undef M_CP_STRARRAYOPT
+#undef M_CP_STRARRAYOPT_ALLOC
 
 void
 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf,

diff --git a/servconf.h b/servconf.h
index ffcbc33191f28bdcc8b884450c7dab848c5f5c36..1dca702e6acba68da7ac6d054b9a844aafbfb4c0 100644 (file)
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.125 2017/09/12 06:32:07 djm Exp $ */
+/* $OpenBSD: servconf.h,v 1.126 2017/10/02 19:33:20 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -237,7 +237,7 @@ struct connection_info {
                M_CP_STRARRAYOPT(deny_groups, num_deny_groups); \
                M_CP_STRARRAYOPT(accept_env, num_accept_env); \
                M_CP_STRARRAYOPT(auth_methods, num_auth_methods); \
-               M_CP_STRARRAYOPT(permitted_opens, num_permitted_opens); \
+               M_CP_STRARRAYOPT_ALLOC(permitted_opens, num_permitted_opens); \
        } while (0)
 
 struct connection_info *get_connection_info(int, int);